A method of providing continuous user authentication for resource access control includes launching a continuous authentication service at a boot time of a first device, wherein the first device includes a processor, a memory, and one or more sensors configured to collect authentication information. Additionally, the method includes receiving authentication information comprising one or more of explicit authentication information or implicit authentication information, and receiving a request for access to a resource of the first device. Further, the method includes the operations of determining, by the continuous authentication service, a current value of a security state, the current value of the security state based in part on a time interval between a receipt time of the authentication information and a current time and controlling access to the resource based on the current value of the security state.
Legal claims defining the scope of protection, as filed with the USPTO.
3. The method of claim 1, wherein the response to requesting the authentication information comprises a report of a failure to obtain the one or more implicit authentication information.
4. The method of claim 1, wherein the time of requesting the authentication information is scheduled to minimize a number of requests for the one or more explicit authentication information.
6. The method of claim 1, wherein the one or more explicit authentication information comprises information received by the first device in response to a user prompt to provide the authentication information at a sensor of the one or more sensors of the first device.
7. The method of claim 6, wherein the one or more explicit authentication information comprises one or more of a personal identification number (PIN), a password, a traced pattern on a screen, a result of a fingerprint scan, or a result of a voice recognition operation.
9. The first electronic device of claim 8, wherein the memory further comprises instructions that, when executed by the processor, cause the first electronic device to store the twice-updated current value of the security state in the memory.
10. The first electronic device of claim 8, wherein the response to the request for the authentication information comprises a report of a failure to obtain the one or more implicit authentication information.
11. The first electronic device of claim 8, wherein the time of the request for the authentication information is scheduled to minimize a number of requests for the one or more explicit authentication information.
13. The first electronic device of claim 8, wherein the one or more explicit authentication information comprises information received by the first electronic device in response to a user prompt to provide the authentication information at a sensor of the one or more sensors of the first electronic device.
14. The first electronic device of claim 13, wherein the one or more explicit authentication information comprises one or more of a personal identification number (PIN), a password, a traced pattern on a screen, a result of a fingerprint scan, or a result of a voice recognition operation.
16. The non-transitory computer-readable medium of claim 15, further comprising instructions that, when executed by the processor, cause the first device to store the twice-updated current value of the security state in the memory.
17. The non-transitory computer-readable medium of claim 15, wherein the response to the request for the authentication information comprises a report of a failure to obtain the one or more implicit authentication information.
18. The non-transitory computer-readable medium of claim 15, wherein the time of the request for the authentication information is scheduled to minimize a number of requests for the one or more explicit authentication information.
19. The non-transitory computer-readable medium of claim 15, wherein the one or more explicit authentication information comprises information received by the first device in response to a user prompt to provide the authentication information at a sensor of the one or more sensors of the first device.
20. The non-transitory computer-readable medium of claim 15, wherein the one or more explicit authentication information comprises one or more of a personal identification number (PIN), a password, a traced pattern on a screen, a result of a fingerprint scan, or a result of a voice recognition operation.
Cooperative Patent Classification codes for this invention. Click any code to explore related patents in that topic.
April 30, 2019
May 14, 2024
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.